How To
Surya Jakhotia edited this page Jul 17, 2018 · 11 revisions
- How do I attach my custom Lambda to authenticate my API Gateway requests?
Authentication and authorization of your API resources can be done easily through your API's swagger. Let's see this through an example.
Using Jazz, create a Lambda that will handle authentication. In this example, let's say we gave the namespace as mynamespace and the service name as myauthorizer while choosing the service type function.
Now let's start updating the swagger (swagger/swagger.json) of your API service.
- Add a security definition node at the root (similar to here)

    "securityDefinitions": {
      "{envPrefix}-mynamespace-myauthorizer": {
        "type": "apiKey",
        "name": "Authorization",
        "in": "header",
        "x-amazon-apigateway-authtype": "custom",
        "x-amazon-apigateway-authorizer": {
          "authorizerCredentials": "{conf-role}",
          "authorizerResultTtlInSeconds": 300,
          "authorizerUri": "arn:aws:apigateway:{conf-region}:lambda:path/2015-03-31/functions/arn:aws:lambda:{conf-region}:{conf-accId}:function:{envPrefix}-mynamespace-myauthorizer-{envmnt}/invocations",
          "type": "token"
        }
      }
    }

- Now for each API resource that you want to protect, you will add a security section (similar to here). If you are enabling CORS, you don't want to add protection to your OPTIONS request.

    "security": [ { "{envPrefix}-mynamespace-myauthorizer": [] } ],
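A sketch of what the myauthorizer Lambda could look like for the "type": "token" definition above. This is an added example, not code from the Jazz project: the DEMO_TOKENS table, its token value and the Bearer prefix handling are constructed stand-ins for real token verification. Because authorizerResultTtlInSeconds is 300, API Gateway caches the returned policy per token and reuses it for every method behind this authorizer, so the policy covers the whole stage instead of the single methodArn that triggered the call.

```javascript
// Constructed token table (assumption). A real authorizer would verify a
// signed token or call an identity provider instead of a static lookup.
const DEMO_TOKENS = new Map([["allow-me-demo-token", "user-123"]]);

// methodArn looks like:
//   arn:aws:execute-api:{region}:{account}:{apiId}/{stage}/{verb}/{path}
// Widen it to every verb and path of the same API stage, so a cached policy
// does not deny the caller's next request to a different resource.
function apiWideResource(methodArn) {
  const [arnPrefix, stage] = String(methodArn || "").split("/");
  if (!arnPrefix.startsWith("arn:aws:execute-api:") || !stage) {
    throw new Error("Unauthorized");
  }
  return `${arnPrefix}/${stage}/*/*`;
}

// Shape of the response API Gateway expects from a Lambda authorizer.
function buildPolicy(principalId, effect, resource) {
  return {
    principalId,
    policyDocument: {
      Version: "2012-10-17",
      Statement: [
        { Action: "execute-api:Invoke", Effect: effect, Resource: resource },
      ],
    },
  };
}

// For a token authorizer the event carries the value of the header named in
// the security definition ("Authorization") as event.authorizationToken.
function authorize(event) {
  if (event.type !== "TOKEN" || typeof event.authorizationToken !== "string") {
    throw new Error("Unauthorized"); // surfaced to the client as a 401
  }
  const token = event.authorizationToken.replace(/^Bearer\s+/i, "");
  const principal = DEMO_TOKENS.get(token);
  if (!principal) throw new Error("Unauthorized");
  return buildPolicy(principal, "Allow", apiWideResource(event.methodArn));
}

// Lambda entry point.
async function handler(event) {
  return authorize(event);
}
if (typeof module !== "undefined") module.exports = { handler };
```

Per-route decisions with this setup need either a policy that lists every allowed resource or a shorter cache TTL.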